Understanding How Components of Organisations Contribute to Attacks

Min Gu, Zaruhi Aslanyan, Christian W. Probst*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

Abstract

Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors is difficult. Recently, system models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, understanding the relations between several model components quickly results in a large quantity of interrelations, which are hard to grasp. In this work we present several approaches for visualising attributes of attacks such as likelihood of success, impact, and required time or skill level. The resulting visualisations provide a link between attacks on an organisations and the contribution of parts of an organisation to the attack and its impact.
Original languageEnglish
Title of host publicationSecure IT Systems
Subtitle of host publication21st Nordic Conference, NordSec 2016, Oulu, Finland, November 2-4, 2016. Proceedings
Place of PublicationLondon
PublisherSpringer
Pages54-66
Number of pages13
ISBN (Electronic)978-3-319-47560-8
ISBN (Print)978-3-319-47559-2
DOIs
Publication statusPublished - 9 Oct 2016
Externally publishedYes
Event21st Nordic Conference on Secure IT Systems, NordSec 2016 - University of Oulu, Oulu, Finland
Duration: 2 Nov 20164 Nov 2016
Conference number: 21
http://nordsec.oulu.fi/

Publication series

NameLecture Notes in Computer Science
PublisherSpringer International Publishing
Volume10014
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference21st Nordic Conference on Secure IT Systems, NordSec 2016
Abbreviated titleNordSec
Country/TerritoryFinland
CityOulu
Period2/11/164/11/16
Internet address

Keywords

  • EC Grant Agreement nr.: FP7/318003
  • EC Grant Agreement nr.: FP7/2007-2013
  • Leaf node
  • Pareto frontier
  • Attack model
  • Attack trees
  • Graphical attack

Fingerprint

Dive into the research topics of 'Understanding How Components of Organisations Contribute to Attacks'. Together they form a unique fingerprint.

Cite this